Virustotal. MD5: 3ba6e1630b326685a9120d2ca0c28da6 Trojan-PSW.Win32.Nilage.djl W32/Heuristic-166!Eldorado Win32:Nilage-MT

File sonb32drv.dll received on 2008.06.09 06:45:16 (UTC)
Current status: finished

Result: 8/32 (25.00%)

Antivirus	Version	Last Update	Result
AhnLab-V3	2008.5.30.1	2008.06.05	-
AntiVir	7.8.0.55	2008.06.09	-
Authentium	5.1.0.4	2008.06.08	W32/Heuristic-166!Eldorado
Avast	4.8.1195.0	2008.06.09	Win32:Nilage-MT
AVG	7.5.0.516	2008.06.08	-
BitDefender	7.2	2008.06.09	-
CAT-QuickHeal	9.50	2008.06.07	-
ClamAV	0.92.1	2008.06.09	-
DrWeb	4.44.0.09170	2008.06.08	Trojan.PWS.Gamania.origin
eSafe	7.0.15.0	2008.06.05	-
eTrust-Vet	31.6.5858	2008.06.08	-
Ewido	4.0	2008.06.08	-
F-Prot	4.4.4.56	2008.06.08	W32/Heuristic-166!Eldorado
F-Secure	6.70.13260.0	2008.06.09	Trojan-PSW.Win32.Nilage.djl
Fortinet	3.14.0.0	2008.06.08	-
GData	2.0.7306.1023	2008.06.09	Trojan-PSW.Win32.Nilage.djl
Ikarus	T3.1.1.26.0	2008.06.09	-
Kaspersky	7.0.0.125	2008.06.09	Trojan-PSW.Win32.Nilage.djl
McAfee	5312	2008.06.06	-
Microsoft	1.3604	2008.06.09	-
NOD32v2	3166	2008.06.09	-
Norman	5.80.02	2008.06.06	-
Panda	9.0.0.4	2008.06.08	-
Prevx1	V2	2008.06.09	-
Rising	20.47.42.00	2008.06.06	-
Sophos	4.30.0	2008.06.09	Mal/Emogen-R
Sunbelt	3.0.1145.1	2008.06.05	-
Symantec	10	2008.06.09	-
TheHacker	6.2.92.339	2008.06.07	-
VBA32	3.12.6.7	2008.06.08	-
VirusBuster	4.3.26:9	2008.06.08	-
Webwasher-Gateway	6.6.2	2008.06.09	-

Additional information
File size: 45056 bytes
MD5...: 3ba6e1630b326685a9120d2ca0c28da6
SHA1..: c3faaa6deee5c5efe650a50795755c5c7d696104
SHA256: 77081a801a41afcc1dbb763fba5c8c0d13eea9352816e98fb925e5f00f331997
SHA512: 63427992f5ad06e97bde54daca87844939f14bc110cdb44c8420077c4d4b90c6 b54931f94cb536c05464cf85ab4bfc0dadb2d60a9b00ca0ae4bd1a89c8b44de6
PEiD..: Armadillo v1.xx - v2.xx
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x10007397 timedatestamp.....: 0x4848ccee (Fri Jun 06 05:36:46 2008) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x6862 0x7000 6.07 37e87ab1d0638e61d8461ccebe9c1289 .rdata 0x8000 0x9a6 0x1000 3.22 d2998179ac60d44bdf82861c3eb2189e .data 0x9000 0x1d6d0 0x1000 4.07 575ea2be26b238d84b816ccea71ad45b .reloc 0x27000 0xa90 0x1000 3.71 c21f51db817a964be974be82e24f4df2 ( 6 imports ) > WS2_32.dll: -, -, -, -, -, -, -, -, - > KERNEL32.dll: LocalFree, CreateThread, IsBadStringPtrA, LoadLibraryA, Sleep, GetProcAddress, GetLastError, GetSystemInfo, IsBadReadPtr, VirtualQuery, WideCharToMultiByte, GetModuleHandleA, GetTickCount, InterlockedDecrement, CloseHandle, CreateFileA, lstrcpynA, MapViewOfFile, CreateFileMappingA, OpenFileMappingA > USER32.dll: CallNextHookEx, wsprintfA, GetWindowTextA, GetParent, GetClassNameA, ScreenToClient > ole32.dll: CoCreateInstance, OleRun > OLEAUT32.dll: -, -, -, - > MSVCRT.dll: _initterm, _adjust_fdiv, _strupr, _strdup, _CxxThrowException, __1type_info@@UAE@XZ, _onexit, __dllonexit, strchr, atoi, free, isalpha, isdigit, realloc, malloc, wcslen, __2@YAPAXI@Z, __CxxFrameHandler, sprintf, __3@YAXPAX@Z ( 4 exports ) DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer

ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.


	Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...

Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...